Re: debian-devel-digest Digest V102 #347
>------------------------------
>Content-Type: text/plain
>debian-devel-digest Digest Volume 102 : Issue 347
>To UNSUBSCRIBE, email to debian-devel-digest-request@lists.debian.org
>with a subject of "unsubscribe". Trouble? Contact listmaster@debian.org.
>Today's Topics:
> Re: [Bug#137321] executing of conffi [ Anthony Towns <aj@azure.humbug.org. ]
> xconq [was: Security patch] [ Andreas Rottmann <a.rottmann@gmx.at ]
> Re: Bug#137321: [Bug#137321] executi [ "Eloy A. Paris" <eloy.paris@usa.net ]
> Re: where to upload? [ "Carl B. Constantine" <duckwing@duc ]
> Debconf is not executed during insta [ racke@linuxia.de (Stefan Hornburg R ]
> Re: Debconf is not executed during i [ Ben Collins <bcollins@debian.org> ]
> Re: Debconf is not executed during i [ Daniel Jacobowitz <dan@debian.org> ]
> [RFC] Debian skin for AIX [ Jor-el <jorel@trillian.megadodo.umb ]
> Re: Microsoft SPAM!!! Complain at ma [ Russell Coker <russell@coker.com.au ]
> Re: Debconf is not executed during i [ Colin Watson <cjwatson@debian.org> ]
> Re: [RFC] Debian skin for AIX [ Colin Watson <cjwatson@debian.org> ]
> Re: [RFC] Debian skin for AIX [ Jor-el <jorel@trillian.megadodo.umb ]
> Re: Bug#137321: [Bug#137321] executi [ qubeck@t-online.de (Eduard Bloch) ]
> Re: [RFC] Debian skin for AIX [ Wichert Akkerman <wichert@wiggy.net ]
> Unsubscribe debian@vanhuet.nl [ "Frank van Huet" <frank@vanhuet.nl> ]
> Re: [RFC] Debian skin for AIX [ Colin Watson <cjwatson@debian.org> ]
> Re: Bug#137340: ITP: ip2host -- Reso [ Colin Watson <cjwatson@debian.org> ]
> Re: where to upload? [ Mark Brown <broonie@sirena.org.uk> ]
>------------------------------
>Date: Sat, 9 Mar 2002 23:41:56 +1000
>From: Anthony Towns <aj@azure.humbug.org.au>
>To: Steve Langasek <vorlon@netexpress.net>, 137321@bugs.debian.org,
> debian-devel@lists.debian.org
>Subject: Re: [Bug#137321] executing of conffiles (init scripts) in postinst
>Message-ID: <[🔎] 20020309134156.GD2406@azure.humbug.org.au>
>Content-Type: text/plain; charset=us-ascii
>Content-Disposition: inline
>On Fri, Mar 08, 2002 at 11:49:04PM +0100, Eduard Bloch wrote:
>> > script and making it invalid POSIX sh is unsupported, and changing a
>> > conffile so that it's unusable by a program that reads it is
>> If I remove the execute bit from the script,
>Who says you can do such a thing? The proper way of disabling an init
>script is to put "exit 0" in it somewhere near the top. Nothing else is
>guaranteed to work reliably. Not changing permissions, not rm'ing it,
>even getting rid of the rc*.d/ symlinks (or file-rc equivalent).
>This is inelegant, yes, and the solution to that is the invoke-rc.d stuff
>we'll be rolling out next release.
>Cheers,
>aj
>--
>Anthony Towns <aj@humbug.org.au> <http://azure.humbug.org.au/~aj/>
>We came. We Saw. We Conferenced. http://linux.conf.au/
> ``Debian: giving you the power to shoot yourself in each
> toe individually.'' -- with kudos to Greg Lehey
>------------------------------
>Date: Sat, 09 Mar 2002 16:38:43 +0100
>From: Andreas Rottmann <a.rottmann@gmx.at>
>To: Andreas Tille <tille@debian.org>
>Cc: debian-devel@lists.debian.org
>Subject: xconq [was: Security patch]
>Message-ID: <[🔎] 878z91vji4.fsf@alice.rhinosaur.lan>
>Content-Type: text/plain; charset=UTF-8
>Content-Transfer-Encoding: quoted-printable
>Andreas Tille <tille@debian.org> writes:
>> Hello,
>>
>> while sitting at the Linux-Tag in Chemnitz I'm trying to build
>> xconq packages for version 7.4.1. Please send me any security relevant
>> information (patches or URLs to patches).
>>
>> I do the packaging stuff from scratch using
>>
>> ftp://sources.redhat.com/pub/xconq/xconq-7.4.1.tar.gz
>>
>Maybe I should have sent you a mail non that, but Timo Benk, now in
>the NM queue, has made packages of xconq 7.4.1 and I sponsored
>them. They are right now in incoming, but should hit the archive soon,
>and hopefully soon enough for woody.
>Note that I have Cc'd debian-devel, to make sure there isn't any more
>duplicationof effort.
>Please everybody who has interest in xconq, please test the new
>packages, either from incoming or when in the archive. This is
>important, since this is a new upstream version and we should make
>sure there are no RC bugs in the new packages when woody ships.
>The packages are: xconq-common, xconq-doc, xconq.
>Andy
>--=20
>Andreas Rottmann | Dru@ICQ | 118634484@ICQ | a.rottmann@gmx.=
>at
>Georg-Rendlweg 28 | A-5111 B=FCrmoos | Austria | Europe
>http://www.8ung.at/rotty | GnuPG Key: http://www.8ung.at/rotty/gpg.asc
>Fingerprint | DFB4 4EB4 78A4 5EEE 6219 F228 F92F CFC5 01FD 5B=
>62
>------------------------------
>Date: Sat, 9 Mar 2002 10:49:27 -0500
>From: "Eloy A. Paris" <eloy.paris@usa.net>
>To: Steve Langasek <vorlon@netexpress.net>, debian-devel@lists.debian.org,
> 137321@bugs.debian.org, qubeck@t-online.de
>Subject: Re: Bug#137321: [Bug#137321] executing of conffiles (init scripts) in postinst
>Message-ID: <[🔎] 20020309154926.GA20843@antenas.dyndns.org>
>Content-Type: text/plain; charset=us-ascii
>Content-Disposition: inline
>Eduard,
>We disagree with the severity of this bug. Vorlon and I, maintainers of
>the Samba packages, have already told you why we think the bug should
>be 'wishlist'. I personally thing that changing the severity back to
>what you originally assigned is a very unpolite thing to do (given the
>circumstances.) You are not respecting our authority and discretion
>as maintainers of the package.
>I checked section E of the policy and I could not find anything about
>"changing the permissions or relying on their state". Where exactly is it?
>I won't waste time changing back the severity to what we think it should
>be. In my personal opinion users have to much power when it comes to
>filing bugs - they can hold a release just because something doesn't
>work just for them, even when they have a corner case configuration
>and everything works for everybody else, users have more discretion
>and authority than the package maintainers, etc. But this is part of
>another story...
>The problem is being dealt with and will be fixed in our next release.
>I recommend you use rcconf or, as Anthony said, put an 'exit 0' at the
>top of the script if you want to disable a service.
>Cheers!
>Eloy.-
>On Fri, Mar 08, 2002 at 11:49:04PM +0100, Eduard Bloch wrote:
>> severity 137321 important
>> thanks
>>
>> > Um... no. It is an *init script*, and while it is a conffile, any
>>
>> The init scripts are marked as conffiles, and this is good so. Many
>> packages even depend on manual configuration IN the init scripts.
>>
>> > change that renders this file something other than a valid init script
>> > is unsupported. Just as changing a conffile that is sourced as a shell
>>
>> But you do not have to use conffiles as part of your postinst execution
>> without checking them. You do not even check whether the file still does
>> exist.
>>
>> > script and making it invalid POSIX sh is unsupported, and changing a
>> > conffile so that it's unusable by a program that reads it is
>>
>> If I remove the execute bit from the script, I DO NOT WANT to make any
>> upgrade to execute it. As said, you just assume that everyone has
*** Your message did not reach its recipient ***
It was caught by the mailing system as spam.
If this message is not spam and you feel that
this message was caught in error, please email
a note to spam_filter@netfx-2000.net.
If this message is spam, knock it off!
This server is in California where it is illegal
to spam! We do not accept spam here!
We will go after all spammers to the maximum
extent of the law!
Reply to: